Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add deferred datagram limit to QUIC Record Layer RX #19251

Closed
wants to merge 1 commit into from
Closed

Add deferred datagram limit to QUIC Record Layer RX #19251

wants to merge 1 commit into from

Conversation

hlandau
Copy link
Member

@hlandau hlandau commented Sep 20, 2022

While talking about the QUIC record layer, I noticed that I didn't impose any limit on the number of deferred datagrams we buffer. This could allow a malicious peer to deliberately avoid sending packets which would cause the next EL to become ready, then send us an infinite number of packets we can't yet decrypt. This fixes that and allows a limit to be imposed.

@hlandau hlandau added branch: master Merge to master branch approval: review pending This pull request needs review by a committer approval: otc review pending This pull request needs review by an OTC member triaged: bug The issue/pr is/fixes a bug labels Sep 20, 2022
@hlandau hlandau self-assigned this Sep 20, 2022
@levitte levitte removed the approval: otc review pending This pull request needs review by an OTC member label Sep 21, 2022
@t8m t8m added approval: done This pull request has the required number of approvals and removed approval: review pending This pull request needs review by a committer labels Sep 21, 2022
@hlandau hlandau mentioned this pull request Sep 21, 2022
Closed
@openssl-machine openssl-machine added approval: ready to merge The 24 hour grace period has passed, ready to merge and removed approval: done This pull request has the required number of approvals labels Sep 22, 2022
@openssl-machine
Copy link
Collaborator

This pull request is ready to merge

@hlandau
Copy link
Member Author

hlandau commented Sep 22, 2022

Merged to master.

@hlandau hlandau closed this Sep 22, 2022
openssl-machine pushed a commit that referenced this pull request Sep 22, 2022
@hlandau
Add deferred datagram limit to QUIC Record Layer RX
0ff9813 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from #19251)
sftcd pushed a commit to sftcd/openssl that referenced this pull request Sep 24, 2022
@hlandau @sftcd
Add deferred datagram limit to QUIC Record Layer RX
b67941c 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from openssl#19251)
beldmit pushed a commit to beldmit/openssl that referenced this pull request Dec 26, 2022
@hlandau @beldmit
Add deferred datagram limit to QUIC Record Layer RX
31a407a 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from openssl#19251)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@levitte levitte levitte approved these changes

@t8m t8m t8m approved these changes

@mattcaswell mattcaswell Awaiting requested review from mattcaswell

Assignees

@hlandau hlandau

Labels
approval: ready to merge The 24 hour grace period has passed, ready to merge branch: master Merge to master branch triaged: bug The issue/pr is/fixes a bug
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@hlandau @openssl-machine @levitte @t8m